The SpywareGuide Greynets Blog: Bank Hacking Tutorial Is Ardamax Keylogger In Disguise

Quick Links: SpywareGuide Greynets Blog | SpywareGuide Product Database | SpywareGuide Company Database | SpywareGuide Categories

SpywareGuide powered by FaceTime Security Labs

Search SpywareGuide Greynets Database & Site

Security Email Alerts & Updates

Search the Blog

Recent Posts
Fake Windows Update Popup: It's Back (Again) OKOK.exe is not okay - okay? Scare Tactics Roll Up, Roll Up, Get Your Passports Here First Time For Everything More Fake Instant Messaging Scams Fake GoogleTalk Application In The Wild Random Skype Conversations With A Bulgarian...Sort Of Comments Working (Again!) Memehacks

Categories
419 Adware / Spyware Issues Botnets Conferences Development EULA Madness In The Press Instant Messaging Instant Messenging Miscellaneous Myspace P2P / File Sharing Phish Phishing Scams Privacy Issues Research Adware Research Greynets Research Spyware Research Technical News Round Up Social Networking Spam The Mail Bag Tips and Tricks Travel Videogames Worms

Monthly Blog Archives
May 2008 April 2008 March 2008 February 2008 January 2008 December 2007 November 2007 October 2007 September 2007 August 2007 July 2007 June 2007 May 2007 April 2007 March 2007 February 2007 January 2007 December 2006 November 2006 October 2006 September 2006 August 2006 July 2006 June 2006 May 2006 April 2006 March 2006 February 2006

Links
FaceTime VitalSecurity Revenews XBlock

Subscribe
Subscribe to this blog's feed

About the Blog
About SpywareGuide Greynets Blog

Link to Us
Link to SpywareGuide.com

« 2008: What Does The Year Hold? | Main | Who Watches The Watchmen? »

Bank Hacking Tutorial Is Ardamax Keylogger In Disguise

Here's a strange one - a supposed "Bank Hacking Tutorial" that's actually nothing of the kind. Of course, suspicions should be raised by the fact that the "tutorial" is actually an executable:

When running the file, a screenshot takes over the desktop which appears to be a snap from inside someone's bank account containing around $4,000:

http://blog.spywareguide.com/upload/2008/01/bank_hack_tut2-thumb.jpg

Click to Enlarge

Note the tabs at the bottom - "People I've hacked" and a notepad file called "Bank account". Was this all done purely to show off with some bragging rights? Well, sort of...once you close the screenshot, you're met with this on the desktop:

A "trial expired" notice for Ardamax keylogger, version 1.6 (currently it's at 1.7). The files are dumped into a numbered folder in the System32 Directory:

....and here's the Viewer that runs if you double click AKV.exe:

http://blog.spywareguide.com/upload/2008/01/bank_hack_tut5-thumb.jpg

Click to Enlarge

Now this could be an interesting way to social engineer a script kiddy into running a keylogger on their own PC (hey kid, check out my awesome bank hack tutorial!) - but I can't see it being much use when the version they're dumping onto the PC has expired?

Posted by Paperghost on January 8, 2008 02:43 AM | Permalink

TrackBack

TrackBack URL for this entry:
http://blog.spywareguide.com/mt/mt-tb.cgi/251

Listed below are links to weblogs that reference Bank Hacking Tutorial Is Ardamax Keylogger In Disguise:

» scanner from http://scannercenter.net
great scanner items. [Read More]

» Tramadol. from Tramadol.
Tramadol. [Read More]

Site EULA | Site Map | Contact Us | About Us | Site and Spyware FAQ | Advertise | RSS Feeds | Link To Us | SpywareGuide Japan

© Copyright 2006, FaceTime Communications, Inc. All rights reserved.